diff --git a/decoders/0485-jupyterhub_decoders.xml b/decoders/0485-jupyterhub_decoders.xml
new file mode 100644
index 000000000..3673ab34d
--- /dev/null
+++ b/decoders/0485-jupyterhub_decoders.xml
@@ -0,0 +1,27 @@
+<!--JUPYTERHUB-->
+
+<!--
+-  JupyterHub ruleset
+-  Created by banditopazzo.
+-  Copyright (C) 2015-2019, Wazuh Inc.
+-  This program is a free software; you can redistribute it and/or modify it under the terms of GPLv2.
+-->
+
+<!-- ID: 88300 - 88399 -->
+
+<decoder name="jupyterhub">
+	<program_name>^python3</program_name>
+	<prematch>JupyterHub</prematch>
+</decoder>
+
+<decoder name="jupyterhub-add">
+	<parent>jupyterhub</parent>
+	<regex>(\d\d\d\d-\d\d-\d\d) (\d\d:\d\d:\d\d)</regex>
+	<order>date,time</order>
+</decoder>
+
+<decoder name="jupyterhub-add">
+	<parent>jupyterhub</parent>
+	<regex offset="after_regex">User logged out: (\S+)|User logged in: (\S+)|Failed login for (\S+)</regex>
+	<order>user</order>
+</decoder>
diff --git a/rules/0690-jupyterhub_rules.xml b/rules/0690-jupyterhub_rules.xml
new file mode 100644
index 000000000..89f55803e
--- /dev/null
+++ b/rules/0690-jupyterhub_rules.xml
@@ -0,0 +1,44 @@
+<!--JUPYTERHUB-->
+
+<!--
+-  JupyterHub ruleset
+-  Created by banditopazzo.
+-  Copyright (C) 2015-2019, Wazuh Inc.
+-  This program is a free software; you can redistribute it and/or modify it under the terms of GPLv2.
+-->
+
+<!-- ID: 88300 - 88399 -->
+
+<group name="syslog,jupyterhub">
+
+	<rule id="88300" level="0">
+		<decoded_as>jupyterhub</decoded_as>
+		<description>JupyterHub messages grouped.</description>
+		<options>no_full_log</options>
+	</rule>
+
+	<rule id="88301" level="6">
+		<if_sid>88300</if_sid>
+		<match>User logged out:</match>
+		<description>JupyterHub successful logout $(dstuser) account.</description>
+		<group>pci_dss_10.2.4,pci_dss_10.2.5,gdpr_IV_35.7.d,gdpr_IV_32.2,hipaa_164.312.b,nist_800_53_AU.14,nist_800_53_AC.7,</group>
+		<options>no_full_log</options>
+	</rule>
+
+	<rule id="88302" level="6">
+		<if_sid>88300</if_sid>
+		<match>User logged in:</match>
+		<description>JupyterHub successful authentication $(dstuser) account.</description>
+		<group>authentication_success,pci_dss_10.2.4,pci_dss_10.2.5,gdpr_IV_35.7.d,gdpr_IV_32.2,hipaa_164.312.b,nist_800_53_AU.14,nist_800_53_AC.7,</group>
+		<options>no_full_log</options>
+	</rule>
+
+	<rule id="88303" level="6">
+		<if_sid>88300</if_sid>
+		<match>Failed login for </match>
+		<description>JupyterHub failed authentication $(dstuser) account.</description>
+		<group>authentication_failed,pci_dss_10.2.4,pci_dss_10.2.5,gdpr_IV_35.7.d,gdpr_IV_32.2,hipaa_164.312.b,nist_800_53_AU.14,nist_800_53_AC.7,</group>
+		<options>no_full_log</options>
+	</rule>
+
+</group>
diff --git a/tools/rules-testing/tests/jupyterhub.ini b/tools/rules-testing/tests/jupyterhub.ini
new file mode 100644
index 000000000..884e68af2
--- /dev/null
+++ b/tools/rules-testing/tests/jupyterhub.ini
@@ -0,0 +1,20 @@
+[JupyterHub logout successful.]
+log 1 pass = Jan  7 14:40:51 BigDataScientistPlatform python3[3393]: [I 2020-01-07 14:40:51.829 JupyterHub login:43] User logged out: myusername
+
+rule = 88301
+alert = 6
+decoder = jupyterhub
+
+[JupyterHub authentication successful.]
+log 1 pass = Jan  7 14:40:03 BigDataScientistPlatform python3[3393]: [I 2020-01-07 14:40:03.639 JupyterHub base:663] User logged in: myusername
+
+rule = 88302
+alert = 6
+decoder = jupyterhub
+
+[JupyterHub authentication failed.]
+log 1 pass = Jan  7 14:38:49 BigDataScientistPlatform python3[3393]: [W 2020-01-07 14:38:49.394 JupyterHub base:670] Failed login for myusername
+
+rule = 88303
+alert = 6
+decoder = jupyterhub